View New Content
Home
Join & Download
Status
Forums
Contact Us
Client AreaIs AirVPN vulnerable to a MiTM attack by sysadmins looking to throttle their clients? According to http://security.stackexchange.com/questions/53444/vpns-vulnerable-to-mitm-because-any-certificate-goes OpenVPN does not validate that the cert is correct, thus making it possible for ISPs, sysadmins etc, to trick the client to use a fake cert so they may monitor the connections contents. Is AirVPN safe from this?
Does AirVPN validate its certs properly in the connection process?
Started by
greenclaydog
, Oct 27 2016 04:20 PM
certs connection VPN MiTM sysadmin
2 replies to this topic
#2
Staff
-
- Staff
-
- 7796 posts
Advanced Member
Posted 27 October 2016 - 05:01 PM
Is AirVPN vulnerable to a MiTM attack by sysadmins looking to throttle their clients?
No.
According to http://security.stackexchange.com/questions/53444/vpns-vulnerable-to-mitm-because-any-certificate-goes OpenVPN does not validate that the cert is correct, thus making it possible for ISPs, sysadmins etc, to trick the client to use a fake cert so they may monitor the connections contents. Is AirVPN safe from this?
Safe. Frankly, we don't even know whether VPN services without client-side certificate validation exist. Probably not but if you find them, avoid them at all costs.
The only way to break the trust is suggested in the thread you linked and requires a compromised system, just like you would do with HTTPS. Any security consideration and audit must start from a non-compromised system, obviously.
Kind regards
#3
LZ1
-
- Moderators
-
- 1953 posts
It's nice to be nice to nice people
Posted 27 October 2016 - 05:49 PM
Hello!
If Airs site was vulnerable to like so, it would totally ruin Airs Christmas!
You can also check the specs, if you haven't 
.
Welcome to AirVPN.
Hi there, are you new to AirVPN? Many of your questions are already answered in this guide. Its Guides Section has guides on Linux/Torrenting/Blocked sites & many other topics too.
Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please read the First Questions section in the link above for more details, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.
Tired of Windows? Why Linux Is Better.
Similar Topics
| Topic | Forum | Started By | Stats | Last Post Info | |
|---|---|---|---|---|---|
Eddie For Android Quick Connect Does Not Fallback To Other Protocols |
Eddie - AirVPN Client | kah0922 |
|
|
|
Help to reach my OpenVPNServer under AirVPN |
Troubleshooting and Problems | bracio84 |
|
|
|
Dominating VPNs in the market - why no AirVPN? vpn, market
|
Other VPN competitors or features | Leepster |
|
|
|
AirVPN servers being used as Tor exit nodes! tor
|
Troubleshooting and Problems | myvpnislit |
|
|
|
No connection to "catalog-retail.amazon.de" and "catalog-sc.amazon.de" Amazon
|
Troubleshooting and Problems | AlterRabe |
|
|
Also tagged with one or more of these keywords: certs, connection, VPN, MiTM, sysadmin
Community →
Other VPN competitors or features →
Dominating VPNs in the market - why no AirVPN?Started by Leepster, 19 Feb 2019 vpn, market
|
|
|
||
Community →
Eddie - AirVPN Client →
Frequent VPN error messages on Android.Started by cdysthe, 15 Feb 2019 vpn
|
|
|
||
 Answered
Community →
Troubleshooting and Problems →
Unable to connect to local network over wifiStarted by FII3l6H5Un8, 16 Jan 2019 vpn, wifi, router, raspberry pi, android
|
|
|
||
Community →
General & Suggestions →
Most Common Problems & Their Suggested SolutionsStarted by LZ1, 30 Dec 2018 connection, problem, AirVPN, torrenting, Eddie, slow, speeds
|
|
|
||
Community →
Other VPN competitors or features →
Run my own VPN over Softether within a VPS serverStarted by JMennuni, 19 Dec 2018 Vps, tor, vpn, best, remote, shell, anonymous, nsa
|
|
|
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
Online Sessions: 
Your IP: